与Owin和Nancy的Oauth认证

Question

遵循本指南,使用Owin上的MVC 5进行外部身份验证 - 使用owinkatana的外部登录提供程序.

我已将以下内容添加到我的Owin Nancy应用程序中

Startup.cs -

app.Properties["Microsoft.Owin.Security.Constants.DefaultSignInAsAuthenticationType"] = "ExternalCookie";
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = "ExternalCookie",
    AuthenticationMode = Microsoft.Owin.Security.AuthenticationMode.Passive,
});

app.UseTwitterAuthentication(new TwitterAuthenticationOptions
{
    ConsumerKey = "mykey",
    ConsumerSecret = "mypass"
});

LoginModule.cs(nancy模块)

Post["ExternalLogin"] = _ =>
{
    var provider = Request.Form.name;
    var auth = Context.GetAuthenticationManager();
    auth.Challenge(new AuthenticationProperties
    {
        RedirectUri = String.Format("/?provder={0}", provider)
    }, provider);
    return HttpStatusCode.Unauthorized;
};

现在在挑战点,没有任何事情发生.它只显示一个空白页面,其中包含重定向的Url.我已经确认我可以按照MVC中的示例来使用它.有谁知道这部分的正确南希代码？

Answer 1

我将扩展我即将留下的评论，并将其作为答案（即使您似乎离开了南希）。我问了一个类似的问题，并指出了 github 上的以下代码示例：

https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/tree/dev/samples/Nancy/Nancy.Client

假设您在 Startup.cs 中正确连接了 OIDC，则我需要以下代码来获取 Nancy 模块以触发登录/注销路由上的身份验证：

namespace Nancy.Client.Modules {
    public class AuthenticationModule : NancyModule {
        public AuthenticationModule() {
            Get["/signin"] = parameters => {
                var manager = Context.GetAuthenticationManager();
                if (manager == null) {
                    throw new NotSupportedException("An OWIN authentication manager cannot be extracted from NancyContext");
                }

                var properties = new AuthenticationProperties {
                    RedirectUri = "/"
                };

                // Instruct the OIDC client middleware to redirect the user agent to the identity provider.
                // Note: the authenticationType parameter must match the value configured in Startup.cs
                manager.Challenge(properties, OpenIdConnectAuthenticationDefaults.AuthenticationType);

                return HttpStatusCode.Unauthorized;
            };

            Get["/signout"] = Post["/signout"] = parameters => {
                var manager = Context.GetAuthenticationManager();
                if (manager == null) {
                    throw new NotSupportedException("An OWIN authentication manager cannot be extracted from NancyContext");
                }

                // Instruct the cookies middleware to delete the local cookie created when the user agent
                // is redirected from the identity provider after a successful authorization flow.
                manager.SignOut("ClientCookie");

                // Instruct the OpenID Connect middleware to redirect
                // the user agent to the identity provider to sign out.
                manager.SignOut(OpenIdConnectAuthenticationDefaults.AuthenticationType);

                return HttpStatusCode.OK;
            };
        }
    }
}

代码来源：https://github.com/aspnet-contrib/AspNet.Security.OpenIdConnect.Server/blob/dev/samples/Nancy/Nancy.Client/Modules/AuthenticationModule.cs

希望有帮助！